Maximum security tricks for your Mac

Keir Thomas |
July 11, 2016

We tend to frown upon those who take computer extremely seriously but there’s a lot we can learn from them too.

Done it? Terrific. But now you've should go off and enable two-step it for all the other sites and services you access. For example, if you use any Google services like Gmail then you can also enable two-step verification. You can enable it for Microsoft services and sites too, and for Dropbox. Not all sites or services offer two-step verification just yet - notable hold-outs for UK users are Amazon and eBay - but a surprising number are on-board. Sites like https://twofactorauth.org provide a continually-updated list of those that do, although they tend to be biased towards American use.

Setting-up two-step verification is pretty easy. Some sites and services text you a number when you're logging in, that you then enter when prompted, so to set them up all you need do is provide your mobile number.

For those services or sites that use an authenticator app, like the aforementioned Authy, you'll need to switch to the app on your mobile or tablet, then choose to add a code and simply point the device's camera at a barcode that the site displays when you opt for two-factor setup. It's pretty straightforward. If your device doesn't have a camera then you can type the auth code in manually, and usually it appears just below the barcode.

Subsequently logging in to the service once two-step verification is setup will involve opening the app and typing when prompted the code displayed (usually after you've entered your password), or waiting for the text message/voice call to arrive and typing it when prompted.

Encrypt web page look-ups

The ages-old Domain Name System, or DNS, converts the addresses we humans can read and remember - such aswww.macworld.co.uk - into the numeric Internet addresses that computers better understand, such as 104.16.71.73.

All computers connected to the Internet consult DNS servers. They're provided by the Internet Service Provider as part of the overall package. The problem is that, like many things online, DNS is in no way secure. It was invented in a different era, back when people just didn't think about things like that. In other words, any and all requests you make for websites via DNS can be snooped upon by others while the data is in transit.

The DNSCrypt app and project overcomes this by simply encrypting DNS requests both to and from the DNS server. You can download the app from the project's home page and setup is pretty simple once it's installed - just open System Preferences, click theDNSCrypt icon at the bottom, then select the General tab and put checks alongside Enable DNSCrypt and Automatically Disable if Blocked. See our screenshot for an example.

You won't notice any difference to everyday Internet tasks such as web browsing when DNSCrypt is in use, although it adds a menu bar icon so you don't forget it's running (right-clicking this and selecting the hide option gets rid of this until you next reboot). However, with DNSCrypt running your webpage look-ups are immediately more secure.